IoT maturity level and the risk of cutting corners

The smart home can do and connect to pretty much anything. It can conveniently turn on your heating remotely or in rare cases, switch to a hundred degrees.

As the appetite for IoT solutions intensifies – seemingly pushing novel solutions out onto the market almost every day – a new mentality prevails: 'let's just make it work'.

This pressure and hype to lead in IoT somehow fails to address the pervasiveness and risks in safety, security and privacy. I believe now is the time for technology companies to be at the forefront in raising awareness about these concerns.

IoT is at an early stage of development. In the past five years it has grown exponentially. Its adoption is widely expected to explode by 2020. However, there is a long way to go before it reaches adulthood.

Many security experts say that there are still a number of fairly obvious concerns regarding the vulnerability of smart home technology. There is no clear-cut way of dealing with this, so every company has its own policies.

Achieving convenience with creating a safe and secure product, is always a balancing act. But how can we truly address these issues? As a connected-home company, we have to create a mind-set to develop new products and services responsibly.

Define your boundaries and make decisions

With so many possibilities for connecting things to the smart home, there is a temptation to open up platforms as far as the eye can see and connections will allow. Individual devices can now suddenly all talk to each other. But the more connections you allow and the more personalised your products or services become, the bigger the risks become.

You cannot predict all the potential threats, or create a safety pin for every feature, but you can certainly make responsible decisions in opening up your platform. You can control the way devices talk to each other and the languages they speak.

For instance, at Quby we choose specifically to use a 'closed design' where access to our smart device can only be established through our secured platform thereby nullifying any threats on the users’ local network.

You need a thorough process to focus on real, intrinsic protection. We use mutual authentication certificates to make sure no untrusted parties can intrude on our devices. We choose our partners selectively.

For instance, we gradually open our API, inviting third party developers to join our community and to collaborate with us as they design new features along the way.

Continuously learn and improve

As you grow in scale and gain momentum, it is likely that you will be tested at some point. What I'm hinting at is that when you need to move faster, you can overlook certain details that may provide an opportunity for malicious exploitation. That's why it is so important to make security and privacy a mandatory factor every step of the way. You need to ask questions and run through all the scenarios.

'Don't become the case' is what they say. Engaging users and learning from mistakes are essential duties some fail to address. At a lot of companies, smart hackers are actually asked and rewarded to intentionally break the systems, to see where the vulnerabilities are.

This is a key aspect to learn continuously and improve security in this business. For these reasons, we plan to make use of responsible disclosure to invite developers to work with us in improving the security of our solutions.

Be clear about where it ends and where it begins

When it comes to data privacy, a lot of consumers are wary. The sentiment is 'Big Brother is watching you'. But they don't always truly know the risks involved for each individual device, so this general attitude somehow wears off on all smart home companies.

My opinion is that you can deal with this in a proactive manner. It is all about transparency and informing your customers about the limits and boundaries of the protection you can offer.

Let's compare it to taking a ski trip. When skiing, you assume the ski resort will offer a safe landscape for you to enjoy your holiday, but you should also be warned of any danger in specific areas.

If you fail to neglect your duties, there is a heavy price to pay. I'm not just talking about the stiff fines European regulations dictate when there is neglect. Trust is what motivates people to buy or not buy your product. We are building a chain of trust.

From chaos to curation

IoT is still in a very early phase. But where is it going? Could it be that it is just too dangerous?

This is the way I see it. A child doesn’t grow up to learn about bad people, you need responsible parenting in order to teach them that they shouldn’t go with strangers.

When the child grows up and reaches a level of maturity, only then can you safely assume that it has all the skills and awareness to understand whom to trust and why. There should be no cutting corners. There is safety at stake.

I am convinced that in the next few years, there will be a consolidation of the smart home world.

Bad choices are only made because companies can still get away with it. The best, smartest companies will be those that focus on educating consumers.

If we do it right, we can create the fabric and the community around the smart home that users can take advantage of. We can introduce ways that people can increase awareness about their energy footprint or even assist elderly people in making their homes a safer and more comfortable place.

This will make for a better, safer and more connected world.

Michiel Fokke, Chief Technology Officer, Quby